(57) A semiconductor memory card comprising a control IC 302,
a flash memory 303, and a ROM 304. The ROM 304 holds
information such as a medium ID 341 unique to the
semiconductor memory card. The flash memory 303 includes an
authentication memory 332 and a non-authentication memory
331. The authentication memory 332 can be accessed only by
external devices which have been affirmatively authenticated.
The non-authentication memory 331 can be accessed by external
devices whether the external devices have been affirmatively
authenticated or not. The control IC 302 includes control
units 325 and 326, an authentication unit 321 and the like.
The control units 325 and 326 control accesses to the
authentication memory 332 and the non-authentication memory
331, respectively. The authentication unit 321 executes a
mutual authentication with an external device.



[FIG. 5: SEMICONDUCTOR MEMORY CARD 109, with CONTROL IC 302
(special area access control unit, encryption/decryption
circuit), ROM 304 (special area), FLASH MEMORY
(authentication area, non-authentication area), and pins GND,
CLOCK, DATA1, DATA2, DATA3, DATA4, GND.]

Printed by Jouve, 75001 PARIS (FR) 






EP 1 304 702 A1 






Description 

BACKGROUND OF THE INVENTION 

(1) Field of the Invention

[0001] The present invention relates to a semiconductor
memory card for storing digital contents, and a data
reading apparatus for reading out the digital contents
from the semiconductor memory card. More particularly,
the present invention relates to a semiconductor memory
card and a data reading apparatus suitable for copyright
protection of digital contents.

(2) Description of the Prior Art 

[0002] The multimedia network technology has devel- 
oped to the extent that digital contents such as music 
contents are distributed via a communication network 
such as the Internet. This makes it possible to access a 
variety of music or the like provided from around the 
world at home. For example, a music content can be 
downloaded into a personal computer (hereafter re- 
ferred to as PC), then stored in a semiconductor mem- 
ory card loaded into the PC. Also, the semiconductor 
memory card can be removed from the PC and can be 
loaded into a portable music player. This enables one 
to listen to the music while walking. The semiconductor 
memory cards are compact and lightweight cards containing
a semiconductor memory (e.g., a flash memory)
being nonvolatile and having a large storage capacity.
[0003] In such a music distribution, the digital con- 
tents to be stored in the semiconductor memory card 
need to be encrypted beforehand using a key or the like 
to prevent unauthorized copying of the digital contents. 
Also, an arrangement is required so that file manage- 
ment software programs, many of which are standard 
equipments on commercial PCs, cannot copy the digital 
contents to other storage mediums. 
[0004] In one possible method for preventing unau- 
thorized copying, only dedicated software programs are 
allowed to access the semiconductor memory card. For 
example, when an authentication process between a 
PC and a semiconductor memory card has completed 
affirmatively, a PC is allowed to access the semiconduc- 
tor memory card; and when the authentication process 
has not completed affirmatively due to the lack of a ded- 
icated software program, the PC is not allowed to ac- 
cess the semiconductor memory card. 
[0005] However, in the above method in which PCs 
should always have a dedicated software program to access
the semiconductor memory card, free data exchange
with users via the semiconductor memory card
is not available. As a result, the above method loses a 
merit of conventional semiconductor memory cards, 
namely, a merit that file management software pro- 
grams being standard equipments on commercial PCs 
can be used to access the semiconductor memory card. 



[0006] Semiconductor memory cards that can only be 
accessed through dedicated software programs are su- 
perior as storage mediums for storing digital contents 
since such semiconductor memory cards function to 
protect copyright of the digital contents. However, the
semiconductor memory cards have a problem that they 
cannot be used as auxiliary storage apparatuses in gen- 
eral-purpose computer systems. 

SUMMARY OF THE INVENTION

[0007] It is therefore an object of the present invention 
to provide a semiconductor memory card that can be 
used as a storage medium for storing digital contents 
and as a storage medium for storing general-purpose
computer data (not an object of copyright protection), 
and to provide an apparatus for reading data from the 
storage medium. 

[0008] The above object is fulfilled by a semiconductor
memory card that can be used/removed in/from an
electronic device, comprising: a rewritable nonvolatile
memory; and a control circuit which controls accesses
by the electronic device to an authentication area and a
non-authentication area in the rewritable nonvolatile
memory, wherein the control circuit includes: a
non-authentication area access control unit which controls
accesses by the electronic device to the non-authentication
area; an authentication unit which performs an
authentication process to check whether the electronic
device is proper, and affirmatively authenticates the
electronic device when the electronic device is proper; and
an authentication area access control unit which permits
the electronic device to access the authentication area
only when the authentication unit affirmatively
authenticates the electronic device.

[0009] With the above construction, the data being an 
object of copyright protection can be stored in the au- 
thentication area and other data can be stored in the 
non-authentication area, which makes it possible to
achieve such a semiconductor memory card as can
store both digital contents to be copyright-protected and 
other data together. 

[0010] In the above semiconductor memory card, the
authentication unit may generate a key reflecting a
result of the authentication process, and the
authentication area access control unit decrypts an encrypted
instruction using the key generated by the authentication
unit, and controls accesses by the electronic device to
the authentication area in accordance with the decrypted
instruction, the encrypted instruction being sent from
the electronic device.

[0011] With the above construction, even if the
communication between the semiconductor memory card
and an electronic device is tapped, the instruction to
access the authentication area has been encrypted,
reflecting the result of the preceding authentication.
Accordingly, such a semiconductor memory card has a
reliable function to protect the authentication area from
being unlawfully accessed.

[0012] In the above semiconductor memory card, the 
authentication unit may perform a challenge-response 
type mutual authentication with the electronic device, 
and generates the key from challenge data and re- 
sponse data, the challenge data being sent to the elec- 
tronic device to check whether the electronic device is 
proper, and the response data being generated to show 
the authentication unit is proper. 
[0013] With the above construction, the key is shared 
by the semiconductor memory card and the electronic 
device only when both devices affirmatively authenticate
each other. Furthermore, the key changes for each
authentication. This enhances the security of the au- 
thentication area since the authentication area cannot 
be accessed without using the key. 
[0014] In the above semiconductor memory card, the 
encrypted instruction sent from the electronic device 
may include a tag field and an address field, the tag field
not having been encrypted and specifying a type of an 
access to the authentication area, the address field hav- 
ing been encrypted and specifying an address of an ar- 
ea to be accessed, wherein the authentication area ac- 
cess control unit decrypts the address field using the 
key, and controls accesses by the electronic device to 
the authentication area so that an access of the type 
specified in the tag field is made to the area indicated 
by the address in the decrypted address field. 
[0015] With the above construction, only the address 
field of the instruction is encrypted. This facilitates the 
decryption and the decoding of the instruction by the 
semiconductor memory card which receives the instruc- 
tion. 
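
The exchange of paragraphs [0010] to [0015], modelled as an added example that is not code from the patent: a challenge-response mutual authentication yields a per-session key derived from the challenge data and the response data, and the card uses it to decrypt the address field of an instruction whose tag field travels in the clear. The hash constructions, the shared secret, the tag values and every class and function name are assumptions, since the patent names no algorithms here.

```python
import hashlib
import hmac
import os

# Assumptions, none taken from the patent: HMAC-SHA256 as the response
# function, one shared 16-byte secret, a direction label on each response,
# and a 4-byte address field XORed with a pad derived from the session key.
TAG_READ, TAG_WRITE = 0x01, 0x02     # hypothetical tag values, sent in clear
AUTH_AREA_BLOCKS = 64                # constructed size of the protected area
SECRET = bytes(range(16))            # constructed sample secret


def respond(secret: bytes, label: bytes, challenge: bytes) -> bytes:
    return hmac.new(secret, label + challenge, hashlib.sha256).digest()


def derive_key(card_challenge: bytes, card_response: bytes) -> bytes:
    return hashlib.sha256(card_challenge + card_response).digest()


def crypt_address(key: bytes, field: bytes) -> bytes:
    # XOR pad, so the same call encrypts and decrypts the address field.
    pad = hmac.new(key, b"address-field", hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(field, pad))


class Card:
    def __init__(self, secret: bytes):
        self.secret, self.key, self.blocks = secret, None, {}

    def challenge(self) -> bytes:
        # Every authentication attempt starts with the area locked.
        self.key, self.chal = None, os.urandom(16)
        return self.chal

    def authenticate(self, dev_response: bytes, dev_challenge: bytes):
        expected = respond(self.secret, b"device", self.chal)
        if not hmac.compare_digest(dev_response, expected):
            return None                   # improper device: no key, no reply
        card_response = respond(self.secret, b"card", dev_challenge)
        self.key = derive_key(self.chal, card_response)
        return card_response

    def access(self, tag: int, enc_addr: bytes, data: bytes = b""):
        if self.key is None:
            raise PermissionError("authentication area is locked")
        addr = int.from_bytes(crypt_address(self.key, enc_addr), "big")
        if addr >= AUTH_AREA_BLOCKS:
            raise IndexError("decrypted address is outside the area")
        if tag == TAG_WRITE:
            self.blocks[addr] = data
        return self.blocks.get(addr)


class Device:
    def __init__(self, secret: bytes):
        self.secret, self.key = secret, None

    def answer(self, card_challenge: bytes):
        self.card_chal, self.chal = card_challenge, os.urandom(16)
        return respond(self.secret, b"device", card_challenge), self.chal

    def verify(self, card_response) -> bool:
        expected = respond(self.secret, b"card", self.chal)
        if card_response is None or not hmac.compare_digest(card_response, expected):
            return False
        self.key = derive_key(self.card_chal, card_response)
        return True

    def instruction(self, tag: int, addr: int):
        return tag, crypt_address(self.key, addr.to_bytes(4, "big"))


def mutual_auth(card: Card, device: Device) -> bool:
    dev_response, dev_challenge = device.answer(card.challenge())
    return device.verify(card.authenticate(dev_response, dev_challenge))


def demo() -> dict:
    card, player = Card(SECRET), Device(SECRET)

    def attempt(instr):
        try:
            return card.access(*instr)
        except (PermissionError, IndexError) as err:
            return type(err).__name__

    out = {"proper_device": mutual_auth(card, player)}
    card.access(*player.instruction(TAG_WRITE, 5), data=b"plays-left=3")
    captured = player.instruction(TAG_READ, 5)     # as recorded by a bus tap
    out["read_back"] = attempt(captured)
    # New authentication, new key: the recorded bytes no longer decode to 5.
    out["second_session"] = mutual_auth(card, player)
    out["stale_instruction"] = attempt(captured)
    out["fresh_instruction"] = attempt(player.instruction(TAG_READ, 5))
    # A device without the secret gets no key, so the area stays locked.
    out["improper_device"] = mutual_auth(card, Device(os.urandom(16)))
    out["locked"] = attempt((TAG_READ, bytes(4)))
    return out


if __name__ == "__main__":
    print(demo())
```

The XOR pad stands in for whatever cipher a real card uses; it hides the address but does not authenticate it.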

[0016] The above semiconductor memory card may 
further comprise: an identification data storage circuit 
which prestores identification data which is unique to the 
semiconductor memory card and enables the semiconductor
memory card to be discriminated from other semiconductor
memory cards, wherein the authentication
unit performs a mutual authentication with the electronic 
device using the identification data stored in the identi- 
fication data storage circuit, and generates the key from 
the identification data. 

[0017] With the above construction, in the mutual au- 
thentication process, data unique to each semiconduc- 
tor memory card is exchanged. This keeps a superior 
level security against unlawful decoding of the mutual 
authentication. 

[0018] The above semiconductor memory card may 
further comprise: an area resizing circuit which resizes 
the authentication area and the non-authentication ar- 
ea. 

[0019] With the above construction, the semiconductor
memory card can be used dynamically. That is, the
semiconductor memory card can be used mainly as a
record medium for digital contents and can be used as
an auxiliary storage apparatus in a computer system.
[0020] In the above semiconductor memory card, the
authentication area and the non-authentication area
may be produced by dividing a continuous area of a
predetermined size in the rewritable nonvolatile memory
into two, and the area resizing circuit resizes the
authentication area and the non-authentication area by
changing an address marking a boundary between the
authentication area and the non-authentication area.
[0021] With the above construction, the size of the
authentication and non-authentication areas can be
changed only by moving the boundary. This reduces the
circuit size.

[0022] In the above semiconductor memory card, the
area resizing circuit may include: an authentication area
conversion table which shows correspondence between
logical addresses and physical addresses in the
authentication area; a non-authentication area conversion
table which shows correspondence between logical
addresses and physical addresses in the non-authentication
area; and a conversion table change unit
which changes contents of the authentication area
conversion table and the non-authentication area conversion
table in accordance with an instruction from the
electronic device, wherein the authentication area access
control unit controls accesses by the electronic device
to the authentication area by referring to the
authentication area conversion table, and the
non-authentication area access control unit controls accesses
by the electronic device to the non-authentication area by
referring to the non-authentication area conversion table.

[0023] With the above construction, it is possible to 
separately manage the authentication area and the non- 
authentication area in terms of the area size and rela- 
tionships between the logical addresses and physical 
addresses since conversion tables for these areas are
independently operated. 

[0024] In the above semiconductor memory card, an
area addressed with higher physical addresses and an
area addressed with lower physical addresses both
constituting the area having the predetermined size may be
respectively allocated to the authentication area and the
non-authentication area, the non-authentication area
conversion table shows correspondence between logical
addresses arranged in ascending order and physical
addresses arranged in ascending order, and the
authentication area conversion table shows correspondence
between logical addresses arranged in ascending order
and physical addresses arranged in descending order.
[0025] With the above construction which enables the
logical addresses to be used in ascending order, the
area size can be changed easily since the probability of
use of an area around the boundary between the
authentication area and the non-authentication area
becomes low. This also lowers the probability of
occurrence of data saving or moving which is required to
move the boundary, resulting in a simplified area size
change.
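
An added example, not part of the patent, of the boundary move described in [0020] to [0025]: it builds the two conversion tables, moves the boundary, and lists which used logical blocks would need saving or moving first, comparing the descending authentication-area table of [0024] with an ascending one. The function names and the 16-block card are assumptions.

```python
def tables(total: int, boundary: int, auth_descending: bool = True):
    """Build both logical->physical conversion tables for one boundary.

    Physical blocks [0, boundary) form the non-authentication area and
    [boundary, total) the authentication area, as in paragraph [0024].
    """
    non_auth = {logical: logical for logical in range(boundary)}
    size = total - boundary
    if auth_descending:      # layout of [0024]: logical 0 sits at the top
        auth = {logical: total - 1 - logical for logical in range(size)}
    else:                    # alternative: logical 0 sits on the boundary
        auth = {logical: boundary + logical for logical in range(size)}
    return non_auth, auth


def move_boundary(total, old, new, used_non_auth, used_auth, auth_descending=True):
    """Return the new tables plus the used blocks that need saving or moving."""
    before = tables(total, old, auth_descending)
    after = tables(total, new, auth_descending)
    # No physical block may be reachable through both tables after the change.
    assert not set(after[0].values()) & set(after[1].values())
    work = []
    areas = (("non-auth", used_non_auth), ("auth", used_auth))
    for (name, used), old_map, new_map in zip(areas, before, after):
        for logical in sorted(used):
            if logical not in new_map:
                work.append((name, logical, "save"))     # block leaves the area
            elif new_map[logical] != old_map[logical]:
                work.append((name, logical, "move"))     # mapping changed
    return after[0], after[1], work


if __name__ == "__main__":
    # Constructed card: 16 physical blocks, boundary moved from 10 down to 8.
    used_na, used_a = {0, 1, 2, 3}, {0, 1, 2}
    print(move_boundary(16, 10, 8, used_na, used_a)[2])          # []
    print(move_boundary(16, 10, 8, used_na, used_a, False)[2])   # three moves
    print(move_boundary(16, 10, 8, {0, 9}, used_a)[2])           # block 9 to save
```

With the descending table the retained mappings are untouched and the authentication area simply gains logical blocks 6 and 7; work appears only when a used block sits next to the boundary.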

[0026] The above semiconductor memory card may
further comprise: a read-only memory circuit which
prestores data.

[0027] With the above construction, the function of
copyright protection is enhanced by storing identification
data of the semiconductor memory card in the dedicated
memory and storing the digital contents depending
on the results of identification based on the
identification data.

[0028] In the above semiconductor memory card, 
each of the authentication area and the non-authentica- 
tion area may include: a read/write storage area from/ 
to which the electronic device can read/write data; and 
a read-only storage area from which the electronic de- 
vice can read data but to which the electronic device 
cannot write data, the control circuit further includes: a 
random number generator which generates a random 
number each time the electronic device writes data to 
the rewritable nonvolatile memory, and each of the au- 
thentication area access control unit and the non-au- 
thentication area access control unit encrypts data using 
the random number, writes the encrypted data to the 
read/write storage area, and writes the random number 
to the read-only storage area. 

[0029] With the above construction, unlawful attempts
such as tampering of the read/write storage area can be
detected by checking the compatibility with the random 
number stored in the read-only storage area. This en- 
hances the safety of data writing. 
[0030] In the above semiconductor memory card, the 
control circuit further may include: a conversion table 
which shows correspondence between logical address- 
es and physical addresses in each of the authentication 
area and the non-authentication area; and a conversion 
table change circuit which changes contents of the con- 
version table in accordance with an instruction from the 
electronic device, and the authentication area access 
control unit and the non-authentication area access con- 
trol unit control accesses by the electronic device to the 
authentication area and the non-authentication area, re- 
spectively, by referring to the conversion table. 
[0031] With the above construction, even if the plurality
of logical blocks constituting the same file are
fragmented, they can be easily changed to become logically
successive. This increases the speed of accessing the 
same file. 

[0032] In the above semiconductor memory card, the
control circuit may further include: an encryption/de- 
cryption unit which encrypts data to be written to the au- 
thentication area and the non-authentication area and 
decrypts data read out from the authentication area and 
the non-authentication area. 

[0033] With the above construction, it is possible to 
defend the authentication area and the non-authentica- 
tion area against unlawful attacks such as destroying 
the semiconductor memory card and directly reading 
the contents of these areas. 

[0034] In the above semiconductor memory card, the
nonvolatile memory may be a flash memory, and the
control circuit further includes: a not-deleted list read
unit which, in accordance with an instruction from the
electronic device, identifies not-deleted areas in the
authentication area and the non-authentication area, and
sends information indicating the not-deleted areas to the
electronic device.

[0035] With the above construction, the electronic device
can identify not-deleted areas and delete the identified
not-deleted areas before the flash memory is rewritten.
This increases the speed of the rewriting.

[0036] In the above semiconductor memory card, the
authentication unit may request a user of the electronic
device to input a user key, which is information unique
to the user, during the authentication process, and the
control circuit further includes: a user key storage unit
which stores the user key; an identification information
storage unit which stores a piece of identification
information identifying an electronic device that has been
affirmatively authenticated by the authentication unit; and
a user key request prohibition unit which obtains a piece
of identification information from a target electronic
device after the authentication unit starts the
authentication process, checks whether the piece of
identification information obtained from the target
electronic device has already been stored in the
identification information storage unit, and prohibits the
authentication unit from requesting a user of the electronic
device to input a user key when the piece of identification
information obtained from the target electronic device has
already been stored in the identification information
storage unit.
[0037] With the above construction, the user need not
input a password or personal data each time the user
accesses the semiconductor memory card. This prevents
the occurrence of unlawful tapping and using of
the personal data.

[0038] The above object is also fulfilled by a data
reading apparatus for reading out a digital content from
the above semiconductor memory card, the digital content
having been stored in the non-authentication area
of the semiconductor memory card, and information
indicating the number of times the digital content can be
read out being prestored in the authentication area, the
data reading apparatus comprising: a judgement means
for, when the digital content is to be read out from the
non-authentication area, reading out the information
indicating the number of times the digital content can be
read out from the authentication area, and judging
whether the digital content can be read out based on the
number of times indicated in the information; and a
reproduction means for reading out the digital content
from the non-authentication area only when the judgement
means judges that the digital content can be read
out, and reducing the number of times the digital content
can be read out in the information stored in the
authentication area.

[0039] With the above construction, it is possible to 
limit the number of times the digital content is read out 
from the semiconductor memory card. This enables the
present invention to be applied to chargeable, rental
music contents.

[0040] The above object is also fulfilled by a data 
reading apparatus for reading out a digital content from 
the above semiconductor memory card and reproducing 
the read-out digital content as an analog signal, the dig- 
ital content, which can be reproduced as an analog sig- 
nal, having been stored in the non-authentication area 
of the semiconductor memory card, and information in- 
dicating the number of times the digital content can be 
digitally output by the electronic device having been 
stored in the authentication area, the data reading ap- 
paratus comprising: a reproduction means for reading 
out the digital content from the non-authentication area 
and reproducing the read-out digital content as an ana- 
log signal; a judgement means for reading out the infor- 
mation indicating the number of times the digital content 
can be digitally output by the electronic device, and judging
whether the digital content can be digitally output
based on the number of times indicated in the informa- 
tion; and a digital output means for digitally outputting 
the digital content only when the judgement means judg- 
es that the digital content can be digitally output, and 
reducing the number of times the digital content can be 
digitally output in the information stored in the authenti- 
cation area. 

[0041] With the above construction, it is possible to 
limit the number of times the digital content is digitally 
copied from the semiconductor memory card. This pro- 
vides a copyright protection detailed with caution and 
attentiveness as intended by the copyright owner. 
[0042] As described above, the present invention is a 
semiconductor memory card functioning with flexibility 
both as a record medium for storing digital contents and 
an auxiliary storage apparatus of a computer. The 
present invention especially secures healthy distribution 
of digital contents for electronic music distribution. This 
is practically valuable. 

BRIEF DESCRIPTION OF THE DRAWINGS 

[0043] These and other objects, advantages and fea- 
tures of the invention will become apparent from the fol- 
lowing description thereof taken in conjunction with the 
accompanying drawings which illustrate a specific em- 
bodiment of the invention. In the drawings: 

FIG. 1 shows the appearance of a PC which is an
embodiment of the present invention and is related
to an electronic music distribution, and shows the
appearance of a semiconductor memory card which
can be loaded into and removed from the PC;

FIG. 2 shows the appearance of a portable player
for which the semiconductor memory card is used
as a record medium;

FIG. 3 is a block diagram showing the hardware
construction of the PC;

FIG. 4 is a block diagram showing the hardware
construction of the player;

FIG. 5 shows the appearance and hardware
construction of the semiconductor memory card;

FIG. 6 shows various storage areas in the
semiconductor memory card which can be recognized by
the PC and the player;

FIGs. 7A, 7B, and 7C show limitations and command
formats when the PC or the player accesses
an area in the semiconductor memory card, where
FIG. 7A shows rules to be followed for accessing
each area, FIG. 7B shows rules to be followed for
changing the size of each area, and FIG. 7C is a
schematic representation of areas in the
semiconductor memory card;

FIG. 8 is a flowchart showing a procedure in which
the PC (or the player) writes a music content or the
like to the semiconductor memory card;

FIG. 9 is a flowchart showing a procedure in which
a music content or the like is read out from the
semiconductor memory card and played by the player
(or the PC);

FIG. 10 is a flowchart showing the operation in
which the player (or the PC) handles the number of
read-outs stored in the authentication area in the
semiconductor memory card;

FIG. 11 is a flowchart showing the operation in
which the player (or the PC) handles the number of
permitted digital outputs stored in the authentication
area in the semiconductor memory card;

FIG. 12 shows a data structure which is common to
the authentication and non-authentication areas of
the semiconductor memory card, and also shows a
flowchart of the reading/writing process
corresponding to the data structure;

FIGs. 13A to 13D show a change in the relationship
between the logical addresses and physical
addresses, where FIG. 13A shows the relationship
before the change, FIG. 13B shows the relationship
after the change, FIG. 13C shows a conversion
table corresponding to FIG. A, and FIG. 13D shows
a conversion table corresponding to FIG. B;

FIGs. 14A to 14D show functions related to
not-deleted blocks in the semiconductor memory card,
where FIG. 14A shows the use state of logical and
physical blocks and physical blocks, FIG. 14B
shows the not-deleted block list corresponding to
the use state of the blocks shown in FIG. 14A, FIG.
14C is a flowchart showing the procedure of the PC
or the player for deleting blocks beforehand using
the not-deleted block list command and the delete
command, and FIG. 14D is a table showing the use
state of the logical blocks;

FIG. 15 shows a communication sequence in an
authentication between the player and the
semiconductor memory card and also shows main
components used in the authentication;

FIG. 16 shows a communication sequence in a
variation of the authentication of the present invention
between the memory card and an external device;

FIG. 17 shows a communication sequence in a
detailed procedure of the mutual authentication shown
in FIG. 16;

FIGs. 18A to 18C show the state before the boundary
between the authentication and non-authentication
areas of the semiconductor memory card is
changed, where FIG. 18A is a memory map showing
the construction of the physical blocks in the
flash memory, FIG. 18B shows a conversion table
dedicated to the non-authentication area, and FIG.
18C shows a conversion table dedicated to the
authentication area; and

FIGs. 19A to 19C show the state after the boundary
between the authentication and non-authentication
areas of the semiconductor memory card is
changed, where FIG. 19A is a memory map showing
the construction of the physical blocks in the
flash memory, FIG. 19B shows a conversion table
dedicated to the non-authentication area, and FIG.
19C shows a conversion table dedicated to the
authentication area.

DESCRIPTION OF THE PREFERRED EMBODIMENTS

[0044] An embodiment of the present invention will be 
described with reference to the drawings. 
[0045] FIG. 1 is a schematic representation of a PC
which downloads digital contents such as music con- 
tents via a communication network, and a semiconduc- 
tor memory card (hereafter referred to as memory card) 
which can be loaded into and removed from the PC. 
[0046] A PC 102 includes a display 103, a keyboard
104, and speakers 106, and is connected to a
communication line 101 via a modem embedded in the PC 102.
A memory card writer 107 has been inserted into a card
slot (a memory card writer insertion slot 105) of the PC
102. The memory card writer insertion slot 105 is based
on PCMCIA (Personal Computer Memory Card International
Association) standards or the like. The memory
card writer 107 is an adaptor which electrically connects
the PC 102 and a memory card 109. The memory card
109 is inserted into a memory card insertion slot 108 of
the memory card writer 107.

[0047] The user obtains music data from a contents 
provider on the Internet using the above system and the 
following procedure. 

[0048] First, the user downloads a desired music content
into a hard disk in the PC 102 via the communication
line 101. However, since the music content has been 
encrypted, the user is required to execute a certain pro- 
cedure to play the obtained music content on the PC 
102. 

[0049] To play the obtained music content, the user 
needs to pay the charge to the contents provider using 
a credit card or the like beforehand. When the user pays 
the charge, the user receives a password and rights
information from the contents provider. The password is
a key used by the user to decrypt the encrypted music
content. The rights information shows various conditions
in which the user is allowed to play the content on
the PC, such as the number of permitted plays, the
number of permitted writings to the memory card, an
expiration date indicating a period permitted for the user
to play the content.

[0050] After having obtained the password and the
rights information, the user, when intending to output the
music from the speakers 106 of the PC 102, inputs the
password through the keyboard 104 to the PC 102 while
a dedicated application program (hereafter referred to
as application) having a copyright protection function is
running on the PC 102. The application then checks the
rights information, decrypts the encrypted music content
using the password, plays the decrypted music content
to output the sounds from the speakers 106.
[0051] When the rights information indicates that the
content is permitted to be written to the memory card,
the application can write the encrypted music data, 
password, and rights information to the memory card 
109. 

[0052] FIG. 2 is a schematic representation of a port- 
able copy/play apparatus (hereafter referred to as play- 
er) 201 for which the memory card 109 is used as a 
record medium. 

[0053] On the upper surface of the player 201, a liquid
crystal display unit 202 and operation buttons 203 are
formed. On the front side of the player 201, a memory
card insertion slot 206 and a communication port 213
are formed, where the memory card 109 is inserted into
the memory card insertion slot 206, and the communication
port 213 is achieved by USB (Universal Serial
Bus) or the like and connects to the PC 102. On a side
of the player 201, an analog output terminal 204, a digital
output terminal 205, and an analog input terminal 223
are formed.

[0054] The player 201, after the memory card 109 
storing music data, a password, and rights information
is loaded into the player 201, checks the rights information.
When the music is permitted to be played, the player
201 reads out the music data, decrypts the read-out
music data, converts the decrypted music content into 
an analog signal, and outputs the sounds of the analog 
signal through headphones 208 connected to the ana- 
log output terminal 204. Alternatively, the player 201 out- 
puts digital data of the music data to the digital output 
terminal 205. 

[0055] The player 201 can also convert an analog au- 
dio signal, which is input to the player 201 through a 
microphone or the like then the analog input terminal 
223, into digital data and stores the digital data in the 
memory card 109. The player 201 can also download 
music data, a password, and rights information from the
PC 102 via the communication port 213 and record the
downloaded information to the memory card 109. That
is to say, the player 201 can replace the PC 102 and the
memory card writer 107 shown in FIG. 1 in terms of recording
the music data on to the memory card 109 and
playing the music data recorded on the memory card 
109. 

[0056] FIG. 3 is a block diagram showing the hardware
construction of PC 102.

[0057] The PC 102 includes a CPU 110, a ROM 111
prestoring a device key 111a and a control program
111b, a RAM 112, the display 103, a communication port
113 including a modem port used for connection to the
communication line 101 and an USB used for connection
to the player 201, the keyboard 104, an internal bus
114, the memory card writer 107 connecting the memory
card 109 and the internal bus 214, a descrambler 117
for descrambling the encrypted music data read out
from the memory card 109, an AAC decoder 118
conforming to MPEG2-AAC (ISO13818-7) standard for
decoding the descrambled music data, a D/A converter
119 for converting the decoded digital music data into
an analog audio signal, the speakers 106, and a hard
disk 120 storing a file management software program
and an application.

[0058] The PC 102 can perform the following:

(1) use the memory card 109 as an auxiliary storage apparatus having an
independent file system (e.g., ISO9293) as hard disks have by executing
the file management software program stored in the hard disk 120,

(2) download music contents or the like from the communication line 101
via the modem port of the communication port 113 by executing the
dedicated application stored in the hard disk 120,

(3) store the music contents or the like in the memory card 109 after a
mutual authentication, and

(4) read out the music contents or the like from the memory card 109
and output the read-out contents to the speakers 106 for playing.

[0059] The device key 111a stored in the ROM 111 is a secret key unique
to the PC 102 and is, as will be described later, used for the mutual
authentication or the like.

[0060] FIG. 4 is a block diagram showing the hardware construction of
the player 201.

[0061] The player 201 includes a CPU 210, a ROM 211 prestoring a device
key 211a and a control program 211b, a RAM 212, a liquid crystal
display unit 203, a communication port 213 achieved by a USB or the
like used for connection to the PC 102, operation buttons 202, an
internal bus 214, a card I/F unit 215 connecting the memory card 109
and the internal bus 214, an authentication circuit 216 for executing a
mutual authentication with the memory card 109, a descrambler 217 for
descrambling the encrypted music data read out from the memory card
109, an AAC decoder 218 conforming to the MPEG2-AAC (ISO13818-7)
standard for decoding the descrambled music data, a D/A converter 219
for converting the decoded digital music data into an analog audio
signal, speakers 224, an A/D converter 221 for converting an analog
audio signal input from the analog input terminal 223 into digital
music data, an AAC encoder 220 conforming to the MPEG2-AAC (ISO13818-7)
standard for encoding the digital music data, a scrambler 222 for
scrambling the encoded music data, an analog output terminal 204, a
digital output terminal 205, and an analog input terminal 223.

[0062] The player 201 loads the control program 211b from the ROM 211
into the RAM 212 to allow the CPU 210 to execute the control program
211b. By doing this, the player 201 can read out music contents from
the memory card 109, play and output the read-out music contents to the
speakers 224, and can also store music contents input via the analog
input terminal 223 and communication port 213 into the memory card 109.
That is to say, the user can use the player 201 not only for copying
and playing music personally as with ordinary players, but also for
copying and playing such music contents (protected by copyright) as are
distributed by an electronic music distribution system and downloaded
by the PC 102.

[0063] FIG. 5 shows the appearance and hardware construction of the
memory card 109.

[0064] The memory card 109 contains a rewritable nonvolatile memory to
which data can be written repeatedly. The rewritable nonvolatile memory
has a capacity of 64MB, and is driven by a power supply voltage of 3.3V
and a clock signal supplied from external sources. The memory card 109
is a 2.1mm-thick, 24mm-wide, and 32mm-deep rectangular parallelepiped.
The memory card 109 is provided with a write-protect switch on its
side, and is electrically connected to an external apparatus via a
9-pin connection terminal formed at an end of the memory card 109.

[0065] The memory card 109 contains three IC chips: a control IC 302, a
flash memory 303, and a ROM 304.

[0066] The flash memory 303 is a flash-erasable, rewritable nonvolatile
memory of a block deletion type, and includes logical storage areas: an
authentication area 332 and a non-authentication area 331. The
authentication area 332 can be accessed only by the apparatuses that
have been authenticated as proper apparatuses. The non-authentication
area 331 can be accessed by any apparatus whether it is authenticated
or not. In the present embodiment, the authentication area 332 is used
for storing important data related to copyright protection, and the
non-authentication area 331 is used as an auxiliary storage apparatus
in a typical computer system. Note that a certain address in the flash
memory 303 is used as a boundary between these two storage areas.

[0067] The ROM 304 includes a storage area which is a read-only area
and is called the special area. The special area prestores information
including: a medium ID 341 which is an identifier of the memory card
109; and a maker name 342 which indicates the name of the manufacturer
of the memory card 109. Note that the medium ID 341 is unique to the
memory card 109 and discriminates the memory card 109 from the other
semiconductor memory cards and that the medium ID 341 is used for the
mutual authentication between apparatuses and used for preventing an
unauthorized access to the authentication area 332.

[0068] The control IC 302 is a control circuit composed of active
elements (logic gates and the like), and includes an authentication
unit 321, a command judgement control unit 322, a master key storage
unit 323, a special area access control unit 324, an authentication
area access control unit 325, a non-authentication area access control
unit 326, and an encryption/decryption circuit 327.

[0069] The authentication unit 321 is a circuit that performs a
challenge-response-type mutual authentication with a remote apparatus
attempting to access the memory card 109. The authentication unit 321
includes a random number generator and an encryption unit, and
authenticates the remote apparatus as a proper one when having
confirmed that the remote apparatus has the same encryption unit as the
local apparatus. Note that in the challenge-response-type mutual
authentication, both apparatuses in communication perform the
following: the local apparatus first sends challenge data to the remote
apparatus, the remote apparatus in return generates response data by
processing the received challenge data for certifying the properness of
the remote apparatus and sends the generated response data to the local
apparatus, and the local apparatus judges whether the remote apparatus
is proper by comparing the challenge data with the response data.
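
The two-way exchange of paragraph [0069], as an added example that is not part of the patent text. HMAC-SHA256 under a shared secret stands in for the unnamed "encryption unit", and the role labels mixed into each response are an added hardening assumption so that a response from one direction cannot be reused in the other.

```python
import hashlib
import hmac
import secrets


class AuthUnit:
    """One side's authentication unit: a random number generator plus a
    keyed "encryption unit".

    Assumption: HMAC-SHA256 under a shared secret stands in for the
    encryption unit; the page does not name an algorithm.
    """

    def __init__(self, role: bytes, shared_secret: bytes):
        self.role = role              # b"card" or b"device" (hypothetical labels)
        self._secret = shared_secret
        self._pending = None          # challenge issued and not yet answered

    def _mac(self, role: bytes, challenge: bytes) -> bytes:
        return hmac.new(self._secret, role + b"|" + challenge, hashlib.sha256).digest()

    def new_challenge(self) -> bytes:
        """Local apparatus: generate fresh challenge data and remember it."""
        self._pending = secrets.token_bytes(16)
        return self._pending

    def respond(self, challenge: bytes) -> bytes:
        """Remote apparatus: process the received challenge into response data."""
        return self._mac(self.role, challenge)

    def verify(self, peer_role: bytes, response: bytes) -> bool:
        """Local apparatus: compare the response with what a proper peer
        would have produced for the outstanding challenge."""
        if self._pending is None:
            return False              # nothing outstanding, nothing to accept
        expected = self._mac(peer_role, self._pending)
        self._pending = None          # a challenge is good for one answer only
        return hmac.compare_digest(expected, response)


def mutual_authenticate(card: AuthUnit, device: AuthUnit) -> bool:
    """Run both directions; access is granted only if both succeed."""
    challenge = card.new_challenge()
    if not card.verify(device.role, device.respond(challenge)):
        return False
    challenge = device.new_challenge()
    return device.verify(card.role, card.respond(challenge))
```

Because each challenge is random and single-use, a response recorded from an earlier session is rejected when presented against a new challenge.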
[0070] The command judgement control unit 322 is a controller composed
of a decoding circuit and a control circuit. The decoding circuit
identifies a command (an instruction to the memory card 109) input via
a command pin and executes the identified command. The command
judgement control unit 322 controls the components 321 to 327 in
accordance with the received commands.

[0071] The commands received by the command judgement control unit 322
include not only commands to read, write, and delete data from/into the
flash memory 303, but also commands to control the flash memory 303
(commands related to an address space, not-deleted data, etc.).

[0072] For example, in relation to reading/writing data, the SecureRead
address count command and the SecureWrite address count command are
defined as commands for accessing the authentication area 332, and the
Read address count command and the Write address count command are
defined as commands for accessing the non-authentication area 331. In
the above commands, "address" is a serial number of the first sector of
a sequence of sectors from/on which data is read or written by the
command. "Count" is the total number of sectors from/on which data is
read or written by the command. "Sector" is a unit representing the
amount of data read or written from/to the memory card 109. In the
present embodiment, one sector is 512 bytes.

[0073] The master key storage unit 323 prestores a master key 323a
which is used by the remote apparatus during the mutual authentication
and is used to protect data in the flash memory 303.

[0074] The special area access control unit 324 is a circuit for
reading out information such as the medium ID 341 from the special area
(ROM) 304.

[0075] The authentication area access control unit 325 and the
non-authentication area access control unit 326 are circuits for
reading/writing data from/to the authentication area 332 and the
non-authentication area 331, respectively. Each of the units 325 and
326 sends/receives data to/from external apparatuses (the PC 102, the
player 201, etc.) via four data pins.

[0076] It should be noted here that the access control units 325 and
326 each contain a buffer memory as large as one block (32 sectors, or
16K bytes), and logically input/output data in units of sectors to/from
the area 332 or 331 in response to a command issued from an external
apparatus, although they input/output data in units of blocks when the
flash memory 303 is rewritten. More specifically, when a sector in the
flash memory 303 is to be rewritten, the access control unit 325 or 326
reads out data from a block including the sector from the flash memory
303, deletes the block in the flash memory 303 at once, rewrites the
sector in the buffer memory, then writes the block of data including
the rewritten sector to the flash memory 303.

[0077] The encryption/decryption circuit 327 is a circuit which
performs encryption and decryption using the master key 323a stored in
the master key storage unit 323 under the control of the authentication
area access control unit 325 and the non-authentication area access
control unit 326. The encryption/decryption circuit 327 encrypts data
before writing the data to the flash memory 303, and decrypts the data
after reading out the data from the flash memory 303. These encryption
and decryption are performed to prevent unlawful acts such as an act of
disassembling the memory card 109, analyzing the contents of the flash
memory 303 directly, and stealing the password from the authentication
area 332.

[0078] It should be noted here that the control IC 302 includes a
synchronization circuit, a volatile storage area, and a nonvolatile
storage area as well as the main components 321 to 327. The
synchronization circuit generates an internal clock signal in
synchronization with a clock signal supplied from a clock pin, and
supplies the generated internal clock signal to each component.

[0079] Also, to protect the information stored in the special area
(ROM) 304 against tampering by unauthorized persons, the special area
(ROM) 304 may be embedded in the control IC. Alternatively, the
information may be stored in the flash memory 303. In this case, the
special area access control unit 324 may impose a limitation on writing
data to the information, or the encryption/decryption circuit 327 may
encrypt the information before the information is stored in the flash
memory 303.

[0080] FIG. 6 shows various storage areas in the memory card 109 which
can be recognized by the PC 102 and the player 201. The storage areas
in the memory card 109 are classified into three main areas: special
area 304; authentication area 332; and non-authentication area 331.

[0081] The special area 304 is a read-only area. A dedicated command is
used to read data from the special area 304. Reading/writing data
from/to the authentication area 332 is possible only when the
authentication between the PC 102 or the player 201 and the memory card
109 has been affirmative. An encrypted command is used to access the
authentication area 332. The non-authentication area 331 can be
accessed by commands in public use such as the commands conforming to
the ATA (AT Attachment) or SCSI (Small Computer System Interface)
standard. That is to say, data can be read/written from/to the
non-authentication area 331 without an authentication process.
Accordingly, a file management software program that is standard
equipment on the PC 102 can be used to read/write data from/to the
non-authentication area 331, as with a flash ATA or a compact flash.

[0082] The three main areas store the kinds of information shown below
which provide the areas with a function as an auxiliary storage
apparatus for a typical PC, and a function to copyright-protect the
music data distributed by an electronic music distribution system.

[0083] The non-authentication area 331 stores an encrypted content 426,
user data 427, etc. The encrypted content 426 is music data being an
object of copyright protection and having been encrypted. The user data
427 is general data irrelevant to copyright protection. The
authentication area 332 stores an encryption key 425 which is a secret
key used for decrypting the encrypted content 426 stored in the
non-authentication area 331. The special area 304 stores the medium ID
341 which is necessary for accessing the authentication area 332.

[0084] The PC 102 or the player 201 first reads out the medium ID 341
from the special area 304 in the memory card 109 loaded into itself,
then extracts the encryption key 425 and the rights information from
the authentication area 332 using the medium ID 341. When it is
confirmed from the rights information that the encrypted content 426
stored in the non-authentication area 331 is permitted to be played,
the encrypted content 426 can be read out and played while being
decrypted with the encryption key 425.

[0085] Here, suppose that a user writes only the music data that has
been obtained unlawfully to the non-authentication area 331 in the
memory card 109 using the PC 102 or the like, then attempts to play the
music data from the memory card 109 loaded into the player 201. In this
case, although the non-authentication area 331 in the memory card 109
stores the music data, no encryption key 425 or rights information
corresponding to the music data is stored in the authentication area
332. Therefore, the player 201 fails to play the music data. With such
a construction, in which a music content copied alone to the memory
card 109 without an authorized encryption key or rights information
cannot be played, unauthorized copying of digital contents is
prevented.

[0086] FIGs. 7A, 7B, and 7C show limitations and command formats when
the PC 102 or the player 201 accesses an area in the memory card 109.
FIG. 7A shows rules to be followed for accessing each area. FIG. 7B
shows rules to be followed for changing the size of each area. FIG. 7C
is a schematic representation of the areas in the memory card 109.

[0087] The special area 304 is a read-only area and can be accessed by
a dedicated command without an authentication process. The medium ID
341 stored in the special area 304 is used to generate or decrypt the
encrypted command which is used to access the authentication area 332.
More specifically, the PC 102 or the player 201 reads out the medium ID
341, encrypts a command to be used to access the authentication area
332, and sends the encrypted command to the memory card 109. On
receiving the encrypted command, the memory card 109 decrypts the
encrypted command using the medium ID 341, interprets and executes the
command.

[0088] The authentication area 332 can be accessed only when an
authentication between an apparatus attempting to access the memory
card 109 such as the PC 102 or the player 201 and the memory card 109
has been affirmative. The size of the authentication area 332 is equal
to the size of (YYYY+1) sectors. That is to say, the authentication
area 332 is composed of sector 0 to sector YYYY (YYYYth sector)
logically, and is composed of sectors having XXXXth sector address to
(XXXX+YYYY)th sector address in the flash memory 303, physically. Note
that sector addresses are serial numbers assigned uniquely to all the
sectors constituting the flash memory 303.

[0089] The non-authentication area 331 can be accessed by a standard
command conforming to the ATA or SCSI standard. The size of the
non-authentication area 331 is equal to XXXX sectors. That is to say,
the non-authentication area 331 is logically and physically composed of
sector 0 to the (XXXX-1)th sector.

[0090] It should be noted here that an alternate block area 501 may be
allocated in the flash memory 303 beforehand. The alternate block area
501 is a group of alternate blocks which are used to replace defective
blocks (blocks that have a defective storage area from/to which data
cannot be read/written normally) in the authentication area 332 or the
non-authentication area 331.

[0091] In the present embodiment, the special area 304 can be accessed
without authentication. However, to prevent unlawful analysis by any
persons, the special area 304 may be made accessible only by such
apparatuses as have been authenticated affirmatively, or commands used
for accessing the special area 304 may be encrypted.
[0092] Now, changing the size of the authentication area 332 and the
non-authentication area 331 will be described with reference to FIGs.
7B and 7C.

[0093] The total storage capacity of the authentication area 332 and
the non-authentication area 331 in the flash memory 303 is equal to the
capacity of (XXXX+YYYY+1) sectors which is a fixed value obtained by
subtracting the alternate block area 501 and others from all the
storage areas in the flash memory 303. The sizes of the areas 332 and
331 are each variable and can be changed by changing the boundary
address value XXXX.

[0094] The first step in the procedure for changing the size of an area
is to execute authentication. This authentication is executed to
prevent any users from easily changing the size of the area using one
of the standard equipment programs prevalent among PC users or a
software program intended for unlawful access. After the authentication
is complete, the size of the non-authentication area 331 (the number of
new sectors, XXXX) is sent to the memory card 109 using a dedicated
command for changing the area size.

[0095] The memory card 109, on receiving the above dedicated command
for changing the area size, stores the value XXXX in the nonvolatile
storage area or the like in the memory card 109, then controls the
succeeding accesses to the authentication area 332 and the
non-authentication area 331 using the value XXXX as a new boundary
address. More specifically, the memory card 109 assigns physical sector
0 to XXXXth sector in the flash memory 303 to the non-authentication
area 331, and XXXXth to (XXXX+YYYY)th sector to the authentication area
332. The access control units 325 and 326 perform the address
conversion between a logical address and a physical address, and
monitor generation of an improper access to outside an allocated
storage area. It should be noted here that logical addresses are
recognized by an external apparatus as addresses in a data space of the
memory card 109, corresponding to the values used in the commands, and
that the physical addresses are addresses in a data space of the flash
memory 303 contained in the memory card 109.
[0096] If the authentication area 332 is increased in size by reducing
the boundary address, an arrangement will be required to maintain the
logical compatibility between before and after the address change. For
this purpose, all the data stored in the authentication area 332 are
moved (copied) toward smaller addresses by the amount of reduction in
the boundary address, for example. With this arrangement, physical
addresses correspond to the new logical addresses starting from the new
boundary address. With this arrangement, the data space of the
authentication area 332 is enlarged while logical addresses for the
data stored in the authentication area 332 are maintained.

[0097] The dedicated command for changing the area 
size may be encrypted before use to prevent unlawful 
accesses. 
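
A small model of the boundary handling in paragraphs [0088] to [0096], added here as an illustration and not taken from the patent: logical-to-physical conversion, refusal of accesses outside the allocated area, and the data move that keeps logical addresses stable when the authentication area is enlarged. The class, method names and the `authenticated` flag are hypothetical; the layout follows [0088] and [0089] (non-authentication area in physical sectors 0 to XXXX-1, authentication area from XXXX upward).

```python
SECTOR = 512  # bytes per sector in the embodiment


class AccessError(Exception):
    """Raised when the card refuses a command."""


class CardModel:
    """Toy model of access control units 325/326 around the boundary XXXX.

    total_sectors is the fixed XXXX+YYYY+1; boundary is XXXX. The
    `authenticated` flag stands in for the result of authentication unit 321.
    """

    def __init__(self, total_sectors: int, boundary: int):
        if not 0 < boundary < total_sectors:
            raise ValueError("both areas must keep at least one sector")
        self.total = total_sectors
        self.boundary = boundary
        self.flash = [bytes(SECTOR)] * total_sectors  # physical sectors
        self.authenticated = False

    def _translate(self, secure: bool, address: int, count: int) -> int:
        """Logical (address, count) -> first physical sector, or refuse."""
        if secure and not self.authenticated:
            raise AccessError("authentication area needs prior authentication")
        base = self.boundary if secure else 0
        size = self.total - self.boundary if secure else self.boundary
        if address < 0 or count < 1 or address + count > size:
            raise AccessError("access outside the allocated area")
        return base + address

    def read(self, address: int, count: int, secure: bool = False):
        """Read / SecureRead address count."""
        first = self._translate(secure, address, count)
        return self.flash[first:first + count]

    def write(self, address: int, sectors, secure: bool = False):
        """Write / SecureWrite address count (count = len(sectors))."""
        first = self._translate(secure, address, len(sectors))
        if any(len(s) != SECTOR for s in sectors):
            raise ValueError("data must be whole 512-byte sectors")
        self.flash[first:first + len(sectors)] = sectors

    def resize(self, new_boundary: int):
        """Dedicated area-size command: lower XXXX to enlarge area 332."""
        if not self.authenticated:
            raise AccessError("resize needs prior authentication")
        if not 0 < new_boundary <= self.boundary:
            raise ValueError("only enlarging the authentication area is modelled")
        old_size = self.total - self.boundary
        # Move the stored data toward smaller addresses. Ascending order is
        # safe because every destination lies below its source. This
        # overwrites whatever the non-authentication area held there.
        for logical in range(old_size):
            self.flash[new_boundary + logical] = self.flash[self.boundary + logical]
        # The vacated top sectors become new, empty logical sectors.
        for physical in range(new_boundary + old_size, self.total):
            self.flash[physical] = bytes(SECTOR)
        self.boundary = new_boundary


def refused(operation, *args, **kwargs) -> bool:
    """True when the card model rejects the command with AccessError."""
    try:
        operation(*args, **kwargs)
    except AccessError:
        return True
    return False
```

The single range check in `_translate` is what stops a plain Read whose address plus count crosses XXXX from spilling into the authentication area.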

[0098] FIG. 8 is a flowchart showing a procedure in which the PC 102
(or the player 201) writes a music content or the like to the memory
card 109. In the following description, it is supposed that the PC 102
writes music data to the memory card 109 (S601).

(1) The PC 102 executes a challenge-response-type authentication with
the authentication unit 321 of the memory card 109 using the device key
111a and the like, and extracts the master key 323a from the memory
card 109 when the authentication has been affirmative (S602).

(2) The PC 102 then extracts the medium ID 341 from the special area
304 in the memory card 109 using a dedicated command (S603).

(3) The PC 102 then generates a random number, and generates a
password, which is used for encrypting the music data, from the
extracted master key 323a and the medium ID 341 (S604). In the above
step, the random number is generated by, for example, encrypting the
challenge data (random number) sent to the memory card 109 during the
authentication process.

(4) The generated password is encrypted using the master key 323a and
the medium ID 341, then is written to the authentication area 332 as
the encryption key 425 (S605). By this time, before the data
(encryption key 425) is transmitted, the command to write data to the
authentication area 332 has been encrypted and sent to the memory card
109.

(5) The music data is encrypted using the password and stored in the
non-authentication area 331 as the encrypted content 426 (S606).

[0099] FIG. 9 is a flowchart showing a procedure in which a music
content or the like is read out from the memory card 109 and played by
the player 201 (or the PC 102). In the following description, it is
supposed that music data stored in the memory card 109 is played by the
player 201 (S701).

(1) The player 201 executes a challenge-response-type authentication
with the authentication unit 321 of the memory card 109 using a device
key 211a and the like, and extracts the master key 323a from the memory
card 109 when the authentication has been affirmative (S702).

(2) The player 201 then extracts the medium ID 341 from the special
area 304 in the memory card 109 using a dedicated command (S703).

(3) The player 201 then extracts the encryption key 425 of the music
data from the authentication area 332 in the memory card 109 (S704). By
this time, before the data (encryption key 425) is read out, the
command to read out data from the authentication area 332 has been
encrypted and sent to the memory card 109.

(4) The obtained encryption key 425 is decrypted using the master key
323a and the medium ID 341 to extract a password (S705). This
decryption step is a reversed step of the encryption step S605 shown in
FIG. 8.

(5) The encrypted content 426 is read out from the non-authentication
area 331 and decrypted using the password extracted in the step S705,
while the decrypted content is played as music (S706).

[0100] As described above, the music data stored in the
non-authentication area 331 in the memory card 109 cannot be decrypted
without the encryption key 425 stored in the authentication area 332.
Accordingly, even if only music data is unlawfully copied to another
memory card, the copied music data cannot be normally played. With this
construction, the copyright of the music data is safely protected.
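
The write and play procedures of FIG. 8 and FIG. 9, with the binding property of paragraph [0100], as an added sketch that is not code from the patent. It assumes mutual authentication has already succeeded; the SHA-256 keystream cipher and the HMAC-based key derivation are stand-ins, since the page names no algorithms, and all function and class names are hypothetical.

```python
import hashlib
import hmac
import secrets


def _stream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Stand-in cipher: XOR with a SHA-256 counter keystream."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + nonce + offset.to_bytes(8, "big")).digest()
        out.extend(a ^ b for a, b in zip(data[offset:offset + 32], pad))
    return bytes(out)


def seal(key: bytes, plaintext: bytes) -> bytes:
    nonce = secrets.token_bytes(16)
    return nonce + _stream_xor(key, nonce, plaintext)


def unseal(key: bytes, blob: bytes) -> bytes:
    return _stream_xor(key, blob[:16], blob[16:])


class Card:
    """Memory card 109 reduced to the data the two flowcharts touch."""

    def __init__(self, medium_id: bytes, master_key: bytes):
        self.medium_id = medium_id    # special area 304 (ROM)
        self.master_key = master_key  # master key 323a, released after authentication
        self.auth_area = {}           # authentication area 332
        self.non_auth_area = {}       # non-authentication area 331


def key_encryption_key(card: Card) -> bytes:
    # Assumption: master key and medium ID are combined with HMAC-SHA256.
    return hmac.new(card.master_key, card.medium_id, hashlib.sha256).digest()


def write_content(card: Card, name: str, music: bytes) -> None:
    kek = key_encryption_key(card)                        # S602, S603
    random_number = secrets.token_bytes(16)
    password = hmac.new(kek, random_number, hashlib.sha256).digest()[:16]  # S604
    card.auth_area[name] = seal(kek, password)            # S605: encryption key 425
    card.non_auth_area[name] = seal(password, music)      # S606: encrypted content 426


def play_content(card: Card, name: str):
    """Return the decrypted content, or None when no key 425 is stored."""
    wrapped = card.auth_area.get(name)                    # S704
    if wrapped is None:
        return None
    password = unseal(key_encryption_key(card), wrapped)  # S705
    return unseal(password, card.non_auth_area[name])     # S706
```

The stand-in cipher carries no integrity check, so a key blob moved to a card with a different medium ID decrypts to noise rather than raising an error; an authenticated cipher would let the player detect that case explicitly.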

[0101] As also described above, only apparatuses that have been
authenticated affirmatively are permitted to access the authentication
area in the memory card. This construction provides a copyright
protection in which only the apparatuses that satisfy certain
conditions are permitted to access the authentication area in the
memory card. This is achieved by selectively using the device key, the
encryption algorithm or the like that are used for authentication.

[0102] In the above example, when an encrypted content is written to
the memory card 109, first the password used in the encryption is
encrypted using the master key and the medium ID, then the encrypted
password is stored in the authentication area 332 as the encryption key
(S605). However, either the master key or the medium ID may be used to
encrypt the password. This construction simplifies the encryption and
provides a merit that the circuit size of the memory card 109 or the
player 102 is reduced, although there is a possibility that the
intensity of the encryption is weakened.

[0103] In the above example, the player 201 and the PC 102 can extract
the master key 323a from the memory card 109 only when the
authentication has been affirmative. However, the master key 323a may
be embedded in the player 201 or the PC 102 beforehand. Alternatively,
the master key 323a may be encrypted and stored in the special area 304
as an encrypted master key.
[0104] Now, two examples of the use of the authentication area of the
memory card will be described. In the two examples, "the number of
read-outs" and "the number of permitted digital outputs" are stored in
the authentication area, respectively.

[0105] FIG. 10 is a flowchart showing the operation in which the player
201 (or the PC 102) handles the number of read-outs 812 stored in the
authentication area in the memory card 109. In the present example, the
player 201 can play the music data stored in the non-authentication
area 331 in the memory card 109 as an audio signal as many times as
indicated by the number of read-outs 812 stored in the memory card 109
(S801).

(1) The player 201 executes a challenge-response-type authentication
with the authentication unit 321 of the memory card 109 using a device
key 211a and the like, and extracts the master key 323a from the memory
card 109 when the authentication has been affirmative (S802).

(2) The player 201 then extracts the medium ID 341 from the special
area 304 in the memory card 109 using a dedicated command (S803).

(3) The player 201 then extracts the encryption key 425 of the music
data from the authentication area 332 in the memory card 109 (S804). By
this time, before the data (encryption key 425) is read out, the
command to read out data from the authentication area 332 has been
encrypted and sent to the memory card 109.

(4) The player 201 then extracts the number of read-outs 812 from the
authentication area 332 in the memory card 109, and checks the number
of read-outs 812 (S804). When the number indicates allowance of
limitless reading out, the player 201 plays the music in accordance
with the procedure (S704 to S706) shown in FIG. 9 (S806 to S808).

(5) When the number of read-outs 812 is 0, it is judged that no reading
out is allowed (S805), and the play process ends (S809). When the
number of read-outs 812 is a value other than 0 and does not indicate
allowance of limitless reading out, the player 201 reduces the number
by one, writes the resultant number to the authentication area 332
(S805), then plays the music in accordance with the procedure (S704 to
S706) shown in FIG. 9 (S806 to S808).

[0106] As described above, it is possible for the player 201 to control
the number of times the player 201 plays the music by prestoring the
number of read-outs 812 which shows the number of times the music can
be played. This enables the present technique to be applied to analog
reproduction of music obtained through, for example, rental CDs or
kiosk terminals (online vending machines for music distribution
connected to a communication network).

[0107] It should be noted here that "read-out time" may be stored
instead of the number of read-outs 812 to impose a limitation on the
total time the music content can be played. Alternatively, combined
information of the number of times and a time may be stored instead. As
another example, the number of read-outs 812 may be reduced when the
content continues to be played after a certain period (e.g., 10
seconds). As another example, the number of read-outs 812 may be
encrypted then stored so that the information is protected from
tampering.
[0108] FIG. 11 is a flowchart showing the operation in which the player
201 (or the PC 102) handles the number of permitted digital outputs 913
stored in the authentication area in the memory card 109. In the
present example, the player 201 can read out the music data from the
non-authentication area 331 in the memory card 109 and output the read
digital music data as many times as indicated by the number of
permitted digital outputs 913 stored in the memory card 109 (S901).

(1) The player 201, as in the steps S701 to S705 shown in FIG. 9,
executes an authentication with the memory card 109 to extract the
master key 323a (S902), extracts the medium ID 341 (S903), extracts the
encryption key 425 (S904), and extracts a password (S905).

(2) The player 201 then extracts the number of permitted digital
outputs 913 from the authentication area 332 in the memory card 109,
and checks the number of permitted digital outputs 913 (S906). When the
number indicates allowance of limitless digital output, the player 201
reads out the encrypted content 426 from the non-authentication area
331, and decrypts the encrypted content 426 to digital data using the
password extracted in the step S905 and outputs the decrypted digital
data from the digital output terminal 205 as digital music data (S909).

(3) When the number of permitted digital outputs 913 is 0, it is judged
that no digital output is allowed (S908), and the data is played only
by analog output (S908). More specifically, the encrypted content 426
is read out from the non-authentication area 331, and music is played
while the content is decrypted using the password (S908).

(4) When the number of permitted digital outputs 913 is a value other
than 0 and does not indicate allowance of limitless digital output, the
player 201 reduces the number by one, writes the resultant number to
the authentication area 332 (S907), then reads out the encrypted
content 426 from the non-authentication area 331, decrypts the
encrypted content 426 to digital data using the password extracted in
the step S905 and outputs the decrypted digital data from the digital
output terminal 205 (S909).

[0109] As described above, the number of digital outputs from the
player 201 can be controlled by storing the number of permitted digital
outputs 913 in the authentication area 332 in the memory card 109. This
enables the present technique to be applied to digital reproduction of
music obtained through, for example, rental CDs or kiosk terminals,
which is to say, digital dubbing of music data stored in a memory card
can be permitted a certain number of times under the authority of the
copyright owner.
[0110] It should be noted here that as with "the number of read-outs",
"permitted digital output time" may be stored instead of the number of
permitted digital outputs 913 to impose a limitation on the total time
digital data of the music content can be output. Alternatively,
combined information of the number of permitted digital outputs and a
time may be stored instead. As another example, the number of permitted
digital outputs 913 may be reduced when the content continues to be
output after a certain period (e.g., 10 seconds). As another example,
the number of permitted digital outputs 913 may be encrypted then
stored so that the information is protected from tampering.

[0111] A function may be added so that the number 
of permitted digital outputs can be increased by a 
number which is specified by the copyright owner in cor- 
respondence to a charge the copyright owner receives. 
[0112] Now, the physical data structure (structure of 
the sector and the ECC block) of the memory card 109 
will be described. 

[0113] The memory card 109 adopts such a data structure as is suitable for preventing unlawful acts related to the backup or restoration of the data stored in the flash memory 303 and for preventing unlawful acts related to data tampering. Such a data structure is adopted due to the necessity for dealing with the unlawful operations that may be performed on the above methods in which "the number of read-outs" or "the number of permitted digital outputs" is stored in the authentication area 332 and the value is reduced each time the process is performed.

[0114] More specifically, the music may be repeatedly played after the whole data recorded in the flash memory 303 is backed up to an external auxiliary storage apparatus or the like. By doing this, when the number of permitted play operations becomes 0, the music can be repeatedly played again by restoring the backup data. Also, the music may unlawfully be played repeatedly by tampering with the number of read-outs. As a result, it is necessary to make some arrangement to prevent such unlawful acts.

[0115] FIG. 12 shows a data structure which is common to the authentication and non-authentication areas 332 and 331 of the memory card 109, and also shows a flowchart of the reading/writing process corresponding to the data structure.

[0116] In the present example, the counter value generated by the random number generator 103 of the authentication unit 321 in the control IC 302 is used as a time-variant key.

[0117] A 16-byte extension area 1005 is assigned to each of 512-byte sectors 1004 in the flash memory 303. Each sector stores data which has been encrypted using the counter value. The extension area 1005 is composed of ECC data 1006 and a time-variant area 1007. The ECC (Error-Correcting Code) data 1006 is 8-byte data being an ECC for the encrypted data stored in the current sector. The time-variant area 1007 is 8-byte and stores a counter value used for generating the encrypted data stored in the current sector.

[0118] It should be noted here that only the sectors 1004 can be accessed logically (i.e., using a public command or the like), and that only the extension area 1005 can be accessed physically (i.e., controlled by an apparatus that reads/writes data from/to the memory card).

[0119] With the above construction, unlawful data tampering can be prevented by comparing the sector data with the contents of the time-variant area 1007, where even if the sector data is tampered with using a command or the like, the contents of the time-variant area 1007 do not change.

[0120] More specifically, the PC 102 or the player 201 writes/reads data to/from the authentication area 332 or the non-authentication area 331 in the flash memory 109 following the procedure shown below in units of sectors 1004. First, the procedure in which the PC 102 writes data to the memory card 109 (S1001) will be described.

(1) The PC 102 requests the memory card 109 to issue a counter value. In response to this request, the control IC 302 in the memory card 109 generates a random number using a random number generator 1003 contained in the control IC 302 (S1005), and sends the generated random number to the PC 102 as the counter value (S1002).

(2) A password is generated from the received counter value and the master key 323a and the media ID 341 which have already been obtained (S1003).

(3) One sector of data to be written is encrypted using a password and sent to the memory card 109 (S1004). Together with the encrypted data, (i) information specifying the location of a sector to which the encrypted data is to be written, and (ii) the counter value used for the encryption are sent to the memory card 109.

(4) The memory card 109 writes the encrypted data to the specified sector 1004 (S1006).

(5) An ECC is obtained by calculation from the encrypted data, and the obtained ECC is written to the extension area 1005 as the ECC data 1006 (S1007).

(6) The counter value received together with the encrypted data is written to the time-variant area 1007 (S1008).

[0121] Next, the procedure in which the PC 102 reads out data from the memory card 109 (S1011) will be described.

(1) The PC 102 requests the memory card 109 to read out data by specifying the location of a sector from which the data is to be read out. On receiving the request, the memory card 109 first reads out encrypted data from the specified sector 1004 and outputs the read-out data to the PC 102 (S1016). The PC 102 receives the encrypted data (S1012).

(2) The memory card 109 then reads out a counter value from the time-variant area 1007 in the extension area 1005 corresponding to the specified sector 1004, and sends the read-out counter value to the PC 102 (S1017). The PC 102 receives the counter value (S1013).

(3) A password is generated from the read-out counter value and the master key 323a and the media ID 341 which have already been obtained (S1014).

(4) The encrypted data is decrypted using the password (S1005).

[0122] Here, if the data in the sector 1004 has been changed by tampering or the like, the decryption fails due to mismatch between the counter value read out from the time-variant area 1007.

[0123] As described above, the flash memory 303 contains the time-variant area 1007, a hidden area which cannot be seen (accessed) by users. Data is encrypted and stored using a password which is generated using a counter value stored in the time-variant area 1007. With this construction, the data is protected from unlawful tampering by users.
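
The sector write and read procedures of paragraphs [0120] to [0122], and the backup/restore case of [0114], can be modelled as follows. This is an added example, not code from the patent: the HMAC-based password derivation, the XOR keystream cipher, the `MARKER` prefix that makes a failed decryption detectable, the checksum standing in for the ECC and every name in the code are assumptions, and the key and ID values are constructed.

```python
import hashlib
import hmac
import os

SECTOR_SIZE = 512                        # size of one sector 1004
MASTER_KEY = b"constructed-master-key"   # stands in for the master key 323a
MEDIA_ID = b"constructed-media-id"       # stands in for the media ID 341
MARKER = b"RECORD01"                     # constructed prefix: reveals a bad decryption


def derive_password(counter: bytes) -> bytes:
    """Password from counter value, master key and media ID (HMAC is an assumption)."""
    return hmac.new(MASTER_KEY, MEDIA_ID + counter, hashlib.sha256).digest()


def crypt(password: bytes, data: bytes) -> bytes:
    """Stand-in cipher: XOR with a SHAKE-256 keystream; the same call decrypts."""
    stream = hashlib.shake_256(password).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))


class Card:
    """Sectors 1004 plus, per sector, ECC data 1006 and time-variant area 1007."""

    def __init__(self, sectors: int):
        self.sector = [bytes(SECTOR_SIZE) for _ in range(sectors)]
        self.ecc = [bytes(8) for _ in range(sectors)]
        self.time_variant = [bytes(8) for _ in range(sectors)]

    def issue_counter(self) -> bytes:
        return os.urandom(8)                       # random number used as counter value

    def write(self, n: int, ciphertext: bytes, counter: bytes) -> None:
        self.sector[n] = ciphertext
        self.ecc[n] = hashlib.sha256(ciphertext).digest()[:8]  # checksum, not a real ECC
        self.time_variant[n] = counter

    def read(self, n: int):
        return self.sector[n], self.time_variant[n]

    def logical_overwrite(self, n: int, ciphertext: bytes) -> None:
        """Hypothetical sector-only write: the extension area is left untouched."""
        self.sector[n] = ciphertext


def host_write(card: Card, n: int, payload: bytes) -> None:
    counter = card.issue_counter()
    plaintext = (MARKER + payload).ljust(SECTOR_SIZE, b"\0")
    card.write(n, crypt(derive_password(counter), plaintext), counter)


def host_read(card: Card, n: int) -> bytes:
    ciphertext, counter = card.read(n)
    plaintext = crypt(derive_password(counter), ciphertext)
    if not plaintext.startswith(MARKER):
        raise ValueError("decryption failed: sector does not match time-variant area")
    return plaintext[len(MARKER):].rstrip(b"\0")


def rollback_demo():
    """Back up a sector, let the count reach 0, restore the backup, read again."""
    card = Card(sectors=4)
    host_write(card, 0, b"plays_left=3")
    backup, _ = card.read(0)                 # copy of the sector data taken earlier
    host_write(card, 0, b"plays_left=0")     # new counter value stored in area 1007
    current = host_read(card, 0)
    card.logical_overwrite(0, backup)        # restored data, unchanged time-variant area
    try:
        host_read(card, 0)
        restored_accepted = True
    except ValueError:
        restored_accepted = False
    return current, restored_accepted


if __name__ == "__main__":
    print(rollback_demo())
```
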

[0124] In the above example, the time-variant area 1007 is provided in the extension area 1005 for storing the ECC. However, it is possible to provide the time-variant area 1007 within another area in the flash memory 303 on condition that data stored in the area cannot be changed from outside the memory card.

[0125] In the above example, a random number is used as the counter value. However, the counter value may be a timer value indicating a time that changes every instant, or may be the number of times data has been written to the flash memory 303.
[0126] Now, a desirable example of a relationship between the logical addresses and physical addresses in the flash memory 303 will be described.

[0127] FIGs. 13A to 13D show a change in the relationship between the logical addresses and physical addresses. FIG. 13A shows the relationship before the change. FIG. 13B shows the relationship after the change. FIG. 13C shows a conversion table 1101 corresponding to FIG. A. FIG. 13D shows the conversion table 1101 corresponding to FIG. B.

[0128] The conversion table 1101 is a table in which all the logical addresses (in FIGs. 13A to 13D, serial numbers of the logical blocks) are stored with corresponding physical addresses (in FIGs. 13A to 13D, serial numbers of the physical blocks constituting the flash memory 303). The conversion table 1101 is stored in a nonvolatile area in the control IC 302 or the like and is referred to by the authentication area access control unit 325 or the non-authentication area access control unit 326 when, for example, a logical address is converted into a physical address.

[0129] Devices accessing the memory card 109 cannot write data to all the data storage spaces that physically exist in the memory card 109 (i.e., all the physical blocks constituting the flash memory 303), but can write data only to logical data spaces (logical blocks) that are specified by the logical addresses.

[0130] The above arrangement is made, for one reason, to secure an alternative area which would replace an area from/to which data cannot be read/written due to a partial defect of the flash memory 303. Even if such a defect block has been replaced by an alternative block, changing the conversion table so as to reflect the change in the correspondence between the logical and physical block numbers enables the flash memory 303 to present itself to external devices as though no defects had occurred. This is because in each file, the logical continuity, which corresponds to a plurality of continuous physical blocks, is maintained.

[0131] However, the fragmentation of logical blocks increases when, for example, a file composed of a plurality of blocks is repeatedly stored or deleted in/from the memory card 109. A specific example of this is shown in FIG. 13A in which the logical addresses (0 and 2) of the logical blocks constituting "file1" are discontinuous.

[0132] When such discontinuity of logical blocks occurs, for example, music data cannot be written to continuous logical areas in the memory card 109. This necessitates issuance of the write command "Write address count" for each block, resulting in reduction in the writing speed. Similarly, this necessitates issuance of the read command "Read address count" for each block even when music data of one tune is to be read out, making the real-time reproduction of the music data difficult.

[0133] To solve the above problem, the control IC 302 of the memory card 109 has a function to rewrite the conversion table 1101 based on a command issued from an external device. More specifically, when a dedicated command for rewriting the conversion table 1101 is input from a command pin, the control IC 302 of the memory card 109 interprets the dedicated command and rewrites the conversion table 1101 using a parameter that is sent after the dedicated command.
[0134] The above operation will be detailed using an example shown in FIGs. 13A to 13D. Suppose that before the above dedicated command is received, the flash memory 303 contains data constituting the file "file1" at locations indicated by physical addresses 0 and 2, and data constituting the file "file2" at a location indicated by physical address 1, as shown in FIG. 13A, and that the conversion table 1101 shows that the logical addresses match the physical addresses. That is to say, in the logical addresses, as well as in the physical addresses, the data of "file2" is sandwiched by the data of "file1".

[0135] With an intention of solving the above state, an external device sends the above dedicated command and a parameter to the flash memory 303, the dedicated command instructing to secure the continuity of "file1". The command judgement control unit 322 of the memory card 109, in accordance with the received dedicated command and parameter, rewrites the conversion table 1101 as shown in FIG. 13D. FIG. 13B shows the relationship between the logical and physical addresses in the flash memory 303 after the above sequence of operations.

[0136] As understood from FIG. 13B, though the arrangement of the physical blocks has not been changed, the logical blocks constituting "file1" have been relocated to be successive. With this arrangement, the external device can access "file1" at a higher speed than before in the next access and after.

[0137] The conversion table 1101 can be rewritten as above not only to solve the fragmentation of logical blocks, but also to change the size of each of the authentication area 332 and non-authentication area 331 in the flash memory 303. In the latter case, a high-speed area relocation is possible since the conversion table 1101 is rewritten so that a physical block to become small is located as a physical block to become large.

[0138] Now, a function of the memory card 109 related to not-deleted blocks will be described. More specifically, operations of the memory card 109 when receiving a not-deleted block list command and a delete command will be described. Here, the not-deleted blocks are physical blocks in the flash memory 303 which contain data that has not physically been deleted. That is to say, data in the not-deleted blocks needs to be deleted at once before the blocks are used next (before another data is written to the not-deleted blocks).

[0139] The not-deleted block list command is one of the commands the command judgement control unit 322 can interpret and execute, and is used to obtain a list of all the not-deleted blocks in the flash memory 303.

[0140] The existent data stored in the flash memory 303 of the memory card 109 must be deleted in units of blocks before data is newly written to the flash memory 303. The time for the deletion is approximately a half of the total time of writing. As a result, the total time of writing is reduced if the deletion has been completed beforehand. Accordingly, to achieve this, the memory card 109 provides the external device with the not-deleted block list command and the delete command.

[0141] Suppose that the current use state of the logical blocks and physical blocks of the flash memory 303 is shown in FIG. 14A. As shown in FIG. 14A, logical blocks 0 to 2 are currently used, and physical blocks 0 to 2, 4, and 5 are not-deleted blocks.

[0142] A not-deleted block list 1203 is stored in the command judgement control unit 322 in the above state. The contents of the not-deleted block list 1203 corresponding to the use state of the blocks shown in FIG. 14A are shown in FIG. 14B. Here, the not-deleted block list 1203 is a storage table composed of entries corresponding to all the physical blocks constituting the flash memory 303 and having values which indicate the data deletion states (blocks whose data has been deleted are indicated by "0", and blocks whose data has not been deleted are indicated by "1") of the corresponding physical blocks under the control of the command judgement control unit 322.

[0143] FIG. 14C is a flowchart showing the procedure of the PC 102 or the player 201 for deleting blocks beforehand using the not-deleted block list command and the delete command in the above-stated states. It is presumed here that the flash memory 303 contains a table such as FAT (File Allocation Table) which shows the use state of the logical blocks, as shown in FIG. 14D.
[0144] An external device such as the PC 102 or the player 201 issues the not-deleted block list command to the memory card 109 during an idle time in which the memory card 109 is not accessed (S1201). On receiving the command, the command judgement control unit 322 of the memory card 109 refers to the not-deleted block list 1203 contained in the command judgement control unit 322, detects that physical blocks 0 to 2, 4, and 5 are assigned a state value "1", and sends the physical block numbers to the external device.

[0145] The external device then refers to the table that shows the use state of logical blocks in the flash memory 303 shown in FIG. 14D to identify the blocks that are not used logically (S1202).

[0146] The external device identifies, based on the information obtained in the steps S1201 and S1202, "deletable" blocks that are not used logically and have not been deleted physically (physical blocks 4 and 5 in the present example) (S1203). The external device then issues the delete command specifying the physical block numbers 4 and 5 to the memory card 109 (S1204). On receiving the command, the command judgement control unit 322 of the memory card 109 deletes the physical blocks 4 and 5 by sending instructions to the authentication area access control unit 325 and the non-authentication area access control unit 326.

[0147] After the above operation is complete, data is written to the physical blocks 4 and 5 at a high speed since the deletion process is not required for the writing.
[0148] Now, a function of the memory card 109 related to personal data protection will be described. More specifically, the personal data protection function is used when the memory card 109 checks an external device for authentication and requires personal data of the user of the external device. Here, each piece of the personal data is unique to a user and is used to identify the user. The user with proper personal data is recognized by the memory card 109 as an authorized user permitted to access the authentication area 332 in the memory card 109.

[0149] Here, if the user is requested to input the personal data each time the user accesses the authentication area 332, or if the input personal data is stored in the authentication area 332 for each of such accesses, a problem might occur that the personal data is tapped by someone or read unlawfully by another user who has an authority to access the authentication area 332.

[0150] One possible solution to this problem would be encrypting the personal data using a password provided by the user personally and storing the encrypted personal data, in the same way as music data.

[0151] However, in the above case, the user needs to input the password each time the personal data is checked. The procedure is troublesome and the management of the password is also required. Accordingly, the memory card 109 provides a function to sidestep the problem of unnecessarily and repeatedly inputting the personal data.

[0152] FIG. 15 shows a communication sequence in an authentication between the player 201 and the memory card 109 and also shows main components used in the authentication. Note that the processes shown in FIG. 15 are mainly achieved by the authentication circuit 216 of the player 201 and the authentication unit 321 of the memory card 109.

[0153] As shown in FIG. 15, the authentication circuit 216 of the player 201 has the encryption and decryption functions, and also prestores a master key 1301 which is a secret key being equal to the master key 323a held by the memory card 109, and a device ID 1302 which is an ID unique to the player 201, such as a product serial number (s/n).

[0154] The authentication unit 321 of the memory card 109 has the encryption, decryption, and comparison functions, and also has two nonvolatile storage areas: a device ID group storage area 1310 and a user key storage area 1311. The device ID group storage area 1310 stores device IDs of all the devices permitted to access the authentication area 332 in the memory card 109. The user key storage area 1311 stores a user key sent from a device as personal data.

[0155] The authentication procedure will be described in detail below. Note that in the transmissions and receptions, all the data is encrypted before transmission, and the encrypted data is decrypted in the reception side. A key to be used in the encryption and decryption is generated during the following procedure.

(1) After the memory card 109 is connected to the player 201, first, the player 201 encrypts the device ID 1302 using the master key 1301, and sends the encrypted device ID 1302 to the memory card 109.

(2) The memory card 109 decrypts the received encrypted device ID 1302 using the master key 323a, and checks whether the obtained device ID 1302 has already been stored in the device ID group storage area 1310.

(3) When it is judged that the device ID 1302 has already been stored, the memory card 109 notifies the player 201 that the authentication has been affirmative. When it is judged that the device ID 1302 is not stored, the memory card 109 requests the player 201 to send a user key.

(4) The player 201 urges the user to input the user key, obtains the user key as personal data of the user, and sends the obtained user key to the memory card 109.

(5) The memory card 109 compares the received user key with the user key having been prestored in the user key storage area 1311. When having judged that the two user keys match, or when the user key storage area 1311 is vacant, the memory card 109 notifies the player 201 that the authentication has been affirmative, and stores the device ID 1302 obtained in the above step (3) in the device ID group storage area 1310.

[0156] With the above arrangement, when a device of the user is connected to the memory card 109 for the first time, the user is required to input personal data (a user key). However, in the second connection and after, the user is no longer requested to input the personal data since the authentication automatically completes affirmatively using the device ID.
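
A model of the five-step device ID and user key exchange of paragraph [0155], added here as an illustration and not taken from the patent. The XOR keystream cipher, the reply strings, every name in the code and the adoption of the first user key by a vacant user key storage area are assumptions; the sample keys and serial numbers are constructed, and transport encryption of the user key is left out.

```python
import hashlib
import hmac


def crypt(key: bytes, data: bytes) -> bytes:
    """Stand-in symmetric cipher: XOR with a SHAKE-256 keystream; same call decrypts."""
    stream = hashlib.shake_256(key).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))


class CardAuthUnit:
    """Models the two nonvolatile areas of the authentication unit 321."""

    def __init__(self, master_key: bytes):
        self.master_key = master_key      # master key 323a
        self.device_ids = set()           # device ID group storage area 1310
        self.user_key = None              # user key storage area 1311 (vacant)
        self.pending_id = None            # device ID waiting for a user key

    def receive_device_id(self, encrypted_id: bytes) -> str:
        device_id = crypt(self.master_key, encrypted_id)        # step (2)
        if device_id in self.device_ids:
            return "OK"                                         # step (3): known device
        self.pending_id = device_id
        return "SEND_USER_KEY"                                  # step (3): unknown device

    def receive_user_key(self, user_key: bytes) -> str:
        pending, self.pending_id = self.pending_id, None
        if pending is None:
            return "NG"                   # no device ID was presented first
        if self.user_key is None:
            self.user_key = user_key      # assumption: vacant area adopts the first key
        elif not hmac.compare_digest(self.user_key, user_key):
            return "NG"
        self.device_ids.add(pending)                            # step (5): enrol device
        return "OK"


def connect(card: CardAuthUnit, master_key: bytes, device_id: bytes, ask_user) -> str:
    """Player side; ask_user() is called only when the card requests a user key."""
    reply = card.receive_device_id(crypt(master_key, device_id))  # step (1)
    if reply == "SEND_USER_KEY":
        reply = card.receive_user_key(ask_user())                 # step (4)
    return reply


def enrolment_demo():
    """First and second connection of one player, then a second player with a wrong key."""
    prompts = []

    def ask_user():
        prompts.append("asked")
        return b"constructed-user-key"

    card = CardAuthUnit(b"constructed-master-key")
    first = connect(card, b"constructed-master-key", b"player-sn-0001", ask_user)
    second = connect(card, b"constructed-master-key", b"player-sn-0001", ask_user)
    other = connect(card, b"constructed-master-key", b"player-sn-0002", lambda: b"wrong")
    return first, second, other, len(prompts)


if __name__ == "__main__":
    print(enrolment_demo())
```
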

[0157] Now, a variation of the authentication protocol between the memory card 109 and an external device such as the PC 102 or the player 201 will be described with reference to FIGs. 16 and 17.

[0158] FIG. 16 shows a communication sequence in a variation of the authentication between the memory card 109 and an external device (in the present example, the player 201).

[0159] Note that the processes shown in FIG. 16 are mainly achieved by the authentication circuit 216 of the player 201, a control program 111b of the PC 102, and the authentication unit 321 of the memory card 109. It is presumed here that the master key storage unit 323 of the memory card 109 stores an encrypted master key (encrypted master key 323), and that the special area 304 stores a secure medium ID 343 as well as the medium ID 341, the secure medium ID 343 being generated by encrypting the medium ID 341.

[0160] First, the player 201 issues a command to the memory card 109 to obtain the master key 323b from the memory card 109, and decrypts the obtained master key 323b using the device key 211a. The decryption algorithm used in this decryption corresponds to the encryption algorithm used in the encryption of the master key 323b which has now been read out from the memory card 109. Therefore, when the device key 211a the player 201 has is an authorized one, the decryption is expected to restore the original master key.

[0161] The player 201 then issues a command to the memory card 109 to obtain the medium ID 341 from the memory card 109, and encrypts the obtained medium ID 341 using the restored master key. The encryption algorithm used in this encryption is the same as the encryption algorithm used in the encryption of the secure medium ID 343 which is stored in the memory card 109. Therefore, the encryption provides a secure medium ID which is the same as the secure medium ID 343 contained in the memory card 109.

[0162] The player 201 and the memory card 109 perform a mutual authentication using the secure medium IDs they respectively have. Through this mutual authentication, each of the devices generates (OK/NG) information and a secure key, the (OK/NG) information indicating whether the remote device has been authenticated, and the secure key being a time-variant key that depends on the authentication result. The secure keys owned by both devices match only when both devices 201 and 109 affirmatively authenticate the other devices, and the secure keys change each time a mutual authentication is performed.

[0163] After a mutual authentication has completed affirmatively, the player 201 generates a command which is used to access the authentication area 332 in the memory card 109. More specifically, for example, when data is read out from the authentication area 332, a parameter (a 24-bit address "address" and an 8-bit count "count") of the command "SecureRead address count" is encrypted using the secure key, and an encrypted command, which is generated by combining the encrypted parameter and a tag (a 6-bit code indicating a command type "SecureRead") of the command, is sent to the memory card 109.

[0164] On receiving the encrypted command, the memory card 109 judges the type of the command. In the present example, the command is judged to be "SecureRead" to read data from the authentication area 332.

[0165] When the command is judged to be a command to access the authentication area 332, the parameter contained in the command is decrypted using the secure key obtained through the mutual authentication. The decryption algorithm used in this decryption corresponds to the encryption algorithm used in the encryption of the command by the player 201. Therefore, when the mutual authentication completes affirmatively, that is to say, when the secure keys used by both devices match, the parameter obtained by the decryption should be equal to the original parameter used by the player 201.

[0166] The memory card 109 then reads out the encryption key 425 from a sector in the authentication area 332 indicated by the decrypted parameter, encrypts the read-out encryption key 425 using the secure key, and sends the encrypted encryption key to the player 201.

[0167] The player 201 decrypts the received data using the secure key obtained through the mutual authentication. The decryption algorithm used in this decryption corresponds to the encryption algorithm used in the encryption of the encryption key 425 by the memory card 109. Therefore, when the mutual authentication completes affirmatively, that is to say, when the secure keys used by both devices match, the data obtained by the decryption should be equal to the original encryption key 425.

[0168] The memory card 109, each time a command to access the authentication area 332 is executed, discards (deletes) a secure key used in the command execution. With this arrangement, an external device attempting to access the authentication area 332 in the memory card 109 needs to perform a mutual authentication each time the external device issues a command and to be affirmative in the authentication beforehand.

[0169] FIG. 17 shows a communication sequence in a detailed procedure of the mutual authentication shown in FIG. 16. In the present example, the memory card 109 and the player 201 perform a challenge-response-type mutual authentication.

[0170] The memory card 109 generates a random number and sends the random number to the player 201 as challenge data to check the properness of the player 201. The player 201 encrypts the challenge data and returns the encrypted challenge data to the memory card 109 as response data to certify the properness of the player 201. The memory card 109 encrypts the random number sent as challenge data, and compares the received response data with the encrypted challenge data. When the received response data and the encrypted challenge data match, the memory card 109 judges that the authentication of the player 201 has been affirmative (OK), and receives a command to access the authentication area 332 from the player 201. When the received response data and the encrypted challenge data do not match, the memory card 109 judges that the authentication of the player 201 has not been affirmative (NG), and if the player 201 sends a command to access the authentication area 332 after the judgement, the memory card 109 rejects the command.
[0171] The player 201 performs a similar authentication procedure to check the properness of the memory card 109. That is to say, the player 201 generates a random number and sends the random number to the memory card 109 as challenge data to check the properness of the memory card 109. The memory card 109 encrypts the challenge data and returns the encrypted challenge data to the player 201 as response data to certify the properness of the memory card 109. The player 201 encrypts the random number sent as challenge data, and compares the received response data with the encrypted challenge data. When the received response data and the encrypted challenge data match, the player 201 judges that the authentication of the memory card 109 has been affirmative (OK), and accesses the authentication area 332 in the memory card 109. When the received response data and the encrypted challenge data do not match, the player 201 judges that the authentication of the memory card 109 has not been affirmative (NG), and gives up accessing the authentication area 332.

[0172] All the encryption algorithms used in the mutual authentication should be the same as far as the memory card 109 and the player 201 are authorized ones. The memory card 109 and the player 201 obtain a secure key by performing an exclusive-or operation using the encrypted challenge data and the response data obtained through the authentication and certification of the properness. The obtained secure key, or the result of the above exclusive-or operation, is used for accessing the authentication area 332 in the memory card 109. With this arrangement, it is possible for both devices 109 and 201 to share a time-variant secure key that is common to them only when they have been affirmative in the authentication. This renders the affirmative authentication a necessary condition for accessing the authentication area 332.

[0173] The secure key may be a result of an exclusive-or operation using the encrypted challenge data, the response data, and the secure medium ID.
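
The challenge-response exchange of paragraphs [0170] to [0172] and the single-use "SecureRead" command of [0163] to [0168] can be simulated together as below. This is an added example, not code from the patent: the HMAC and SHAKE-256 stand-ins for the unspecified ciphers, the tag value, the one-byte tag field, all class and function names and the sample values are assumptions.

```python
import hashlib
import hmac
import os

SECURE_READ_TAG = 0b000101   # constructed 6-bit tag value for "SecureRead"


def enc(key: bytes, data: bytes) -> bytes:
    """Stand-in for the cipher applied to challenge data (8-byte output)."""
    return hmac.new(key, data, hashlib.sha256).digest()[:8]


def mask(secure_key: bytes, label: bytes, data: bytes) -> bytes:
    """Stand-in cipher keyed by the secure key: XOR with a labelled keystream."""
    stream = hashlib.shake_256(label + secure_key).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))


class Party:
    """Steps that both sides of the FIG. 17 exchange perform."""

    def __init__(self, secure_medium_id: bytes):
        self.sid = secure_medium_id
        self.secure_key = None

    def challenge(self) -> bytes:
        self.sent = os.urandom(8)
        return self.sent

    def respond(self, peer_challenge: bytes) -> bytes:
        self.response = enc(self.sid, peer_challenge)
        return self.response

    def verify(self, peer_response: bytes) -> bool:
        self.expected = enc(self.sid, self.sent)
        return hmac.compare_digest(self.expected, peer_response)

    def derive_secure_key(self) -> None:
        # [0172]: exclusive-or of the encrypted challenge data and the response data
        self.secure_key = bytes(a ^ b for a, b in zip(self.expected, self.response))


class Card(Party):
    def __init__(self, secure_medium_id: bytes, auth_area: dict):
        super().__init__(secure_medium_id)
        self.auth_area = auth_area        # sector address -> bytes, models area 332
        self.peer_ok = False

    def handle(self, command: bytes) -> bytes:
        key, ok = self.secure_key, self.peer_ok
        self.secure_key, self.peer_ok = None, False   # [0168]: key discarded per command
        if not ok or key is None or len(command) != 5 or command[0] != SECURE_READ_TAG:
            raise PermissionError("authentication area access rejected")
        param = mask(key, b"param", command[1:5])     # 24-bit address + 8-bit count
        address, count = int.from_bytes(param[:3], "big"), param[3]
        try:
            data = b"".join(self.auth_area[address + i] for i in range(count))
        except KeyError:
            raise PermissionError("address outside the authentication area") from None
        return mask(key, b"data", data)


def mutual_authenticate(card: Card, player: Party) -> bool:
    card.peer_ok = card.verify(player.respond(card.challenge()))   # card checks player
    card_ok = player.verify(card.respond(player.challenge()))      # player checks card
    card.derive_secure_key()
    player.derive_secure_key()
    return card.peer_ok and card_ok


def secure_read(player: Party, card: Card, address: int, count: int) -> bytes:
    if not mutual_authenticate(card, player):
        raise PermissionError("mutual authentication failed (NG)")
    param = address.to_bytes(3, "big") + bytes([count])
    command = bytes([SECURE_READ_TAG]) + mask(player.secure_key, b"param", param)
    return mask(player.secure_key, b"data", card.handle(command))


if __name__ == "__main__":
    sid = b"constructed-secure-medium-id"
    card = Card(sid, {0x10: b"constructed-key-425"})
    print(secure_read(Party(sid), card, 0x10, 1))
```
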
[0174] Now, a variation of a function to change the boundary between the authentication area 332 and non-authentication area 331 in the memory card 109 will be described with reference to FIGs. 18 and 19.

[0175] FIGs. 18A to 18C show the use state of the flash memory 303 before the boundary is changed. FIG. 18A is a memory map showing the construction of the physical blocks in the flash memory 303.

[0176] FIG. 18B shows a conversion table 1103 which is dedicated to the non-authentication area 331 and is stored in a nonvolatile storage area in the non-authentication area access control unit 326. The conversion table 1103 shows relationships between the logical blocks and physical blocks in the non-authentication area 331. The non-authentication area access control unit 326 refers to the conversion table 1103 to convert a logical address into a physical address or to detect an improper access accessing outside an allocated storage area.

[0177] FIG. 18C shows a conversion table 1102 which is dedicated to the authentication area 332 and is stored in a nonvolatile storage area in the authentication area access control unit 325. The conversion table 1102 shows relationships between the logical blocks and physical blocks in the authentication area 332. The authentication area access control unit 325 refers to the conversion table 1102 to convert a logical address into a physical address or to detect an improper access accessing outside an allocated storage area.
[0178] As shown in FIG. 18A, before the boundary is changed, out of the flash memory 303 composed of physical blocks 0000 to FFFF, physical blocks F000 to FFFF are allocated to the alternate block area 501, physical blocks 0000 to DFFF whose addresses are lower than the boundary are allocated to the non-authentication area 331, and physical blocks E000 to EFFF whose addresses are higher than the boundary are allocated to the authentication area 332.

[0179] As understood from the conversion table 1103 shown in FIG. 18B, the logical block numbers match the physical block numbers in the non-authentication area 331. On the other hand, as understood from the conversion table 1102 shown in FIG. 18C, there is an inverse relationship between the logical block numbers and the physical block numbers in the authentication area 332. That is to say, logical blocks 0000 to 0FFF correspond to physical blocks EFFF to E000, respectively. This arrangement has been made by considering that the logical blocks are used in ascending order, and that when the boundary is moved, data in the physical blocks to be moved needs to be saved or moved.
[0180] FIGs. 19A to 19C show the use state of the flash memory 303 after the boundary is changed. FIGs. 19A to 19C correspond to FIGs. 18A to 18C, respectively. Note that the boundary change is achieved by the following procedure:

(1) A dedicated command specifying an address of the boundary is input to the command judgement control unit 322 via a command pin; and

(2) The command judgement control unit 322 rewrites the conversion table 1102 in the authentication area access control unit 325 and the conversion table 1103 in the non-authentication area 331.

[0181] As shown in FIGs. 19A to 19C, the boundary is moved from between the physical blocks E000 and DFFF to between the physical blocks D000 and CFFF. That means the size of the non-authentication area 331 is reduced by 1000(hex) blocks, and the size of the authentication area 332 is increased by 1000(hex) blocks.
[0182] As shown in FIG. 19B, along with the above boundary change, the size of the conversion table 1103 of the non-authentication area 331 is reduced by 1000(hex) entries, and the size of the authentication area 332 is increased by 1000(hex) entries, so that the conversion table 1103 shows logical blocks 0000 to CFFF with corresponding physical blocks 0000 to CFFF. In contrast, as shown in FIG. 19C, the size of the conversion table 1102 of the authentication area 332 is increased by 1000(hex) entries, and the size of the authentication area 332 is increased by 1000(hex) entries, so that the conversion table 1102 shows logical blocks 0000 to 1FFF with corresponding physical blocks EFFF to D000.
[0183] As described above, a boundary is set between the authentication area and the non-authentication area in the flash memory 303, and the size of both areas is changed by moving the boundary. This enables the memory card 109 to be used for various purposes. For example, the memory card 109 may be mainly used for storing digital contents which need to be protected by copyright, or the memory card 109 may be mainly used for other than storing such digital contents.
[0184] In both the authentication area and the non-authentication area, the amount of processing in moving and saving data along with the boundary change can be reduced by corresponding the logical blocks to the physical blocks so that physical blocks are used in the order of remoteness starting at the most remote one.
[0185] The above correspondence between the logical and physical blocks is easily achieved when the conversion table 1102 dedicated to the authentication area 332 and the conversion table 1103 dedicated to the non-authentication area 331 are separately provided.



[0186] In the above example, in the authentication area 332, there is an inverse relationship between the logical addresses and the physical addresses in units of blocks. However, other units may be used. For example, there may be an inverse relationship between the logical addresses and the physical addresses in units of sectors or bytes.
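
The block mapping of paragraphs [0178] to [0186], as an added example that is not part of the patent text: the function names are hypothetical, the conversion tables 1102 and 1103 are computed arithmetically instead of being stored, and the range check on the new boundary is an assumption. It shows that moving the boundary from E000 to D000 leaves every already-mapped authentication-area block at its old physical address, and that out-of-area or unauthenticated accesses are rejected.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define ALT_START 0xF000u /* alternate block area 501 starts here (F000..FFFF) */

typedef struct {
    uint32_t boundary;  /* first physical block of authentication area 332 */
    bool authenticated; /* result of the authentication step, not modelled here */
} card_t;

/* Non-authentication area 331: logical block == physical block. */
long nonauth_to_phys(const card_t *c, uint32_t logical) {
    if (logical >= c->boundary) return -1; /* access outside the allocated area */
    return (long)logical;
}

/* Authentication area 332: inverse mapping, logical 0 -> physical EFFF. */
long auth_to_phys(const card_t *c, uint32_t logical) {
    if (!c->authenticated) return -1; /* area is closed without authentication */
    if (logical >= ALT_START - c->boundary) return -1; /* beyond current size */
    return (long)(ALT_START - 1u - logical);
}

/* Dedicated boundary-change command; the range check is an assumption. */
int set_boundary(card_t *c, uint32_t new_boundary) {
    if (!c->authenticated) return -1;
    if (new_boundary == 0 || new_boundary >= ALT_START) return -1;
    c->boundary = new_boundary;
    return 0;
}

int main(void) {
    card_t c = { 0xE000u, true };
    printf("before: auth L0000 -> P%04lX, auth L0FFF -> P%04lX\n",
           (unsigned long)auth_to_phys(&c, 0),
           (unsigned long)auth_to_phys(&c, 0x0FFF));
    set_boundary(&c, 0xD000u);
    printf("after:  auth L0000 -> P%04lX, auth L1FFF -> P%04lX\n",
           (unsigned long)auth_to_phys(&c, 0),
           (unsigned long)auth_to_phys(&c, 0x1FFF));
    printf("non-auth LD000 now rejected: %ld\n", nonauth_to_phys(&c, 0xD000u));
    return 0;
}
```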

[0187] Up to this point, the memory card of the present invention has been described in its embodiment and variations. However, the present invention is not limited to the embodiment and variations.
[0188] In the above embodiment, the PC 102 or the player 201 is required to perform a mutual authentication with the memory card 109 using the same procedure each time it issues a command to access the authentication area 332 in the memory card 109. However, a simplified authentication procedure may be used to access the authentication area 332, depending on the command type.

[0189] For example, when the write command "SecureWrite" is issued, the encrypted master key 323b and the medium ID 341 may not be obtained from the memory card 109, but the memory card 109 may execute the write command "SecureWrite" even when only a one-way authentication (an authentication of a device by the memory card 109) completes affirmatively. With this arrangement, commands which are little related to the copyright protection will be executed at high speed.
[0190] The flash memory 303 in the memory card 109 
of the present invention may be replaced with another 
storage medium (e.g., a nonvolatile medium such as a 
hard disk, an optical disc, and a magnet optical disc). A 
portable storage card capable of securing a copyright 
on the stored data as the present invention can be 
achieved using any of such mediums. 
[0191] The present invention has been fully described by way of examples with reference to the accompanying drawings. It is to be noted that various changes and modifications will be apparent to those skilled in the art. Therefore, unless such changes and modifications depart from the scope of the present invention, they should be construed as being included therein.



Claims 

1. A semiconductor memory card (109) that can be used/removed in/from an electronic device, comprising:

a rewritable nonvolatile memory (303);
an address holding unit; and
a control circuit,

the nonvolatile memory (303) including an authentication area (332) and a non-authentication area (331),

an address held by the address holding unit marking a boundary between the authentication area (332) and the non-authentication area (331) in the nonvolatile memory (303),

the control circuit including:

an authentication unit (321) which performs an authentication process to check whether the electronic device has authority to access the semiconductor memory card (109), and affirmatively authenticates the electronic device when the electronic device has authority to access the semiconductor memory card (109);

an area resizing circuit (322, 325, 326) which resizes the authentication area (332) and the non-authentication area (331) by changing the boundary marking address based on a dedicated command issued from the electronic device if the authentication unit (321) affirmatively authenticates the electronic device;

a non-authentication area access control unit (326) which controls accesses to the non-authentication area (331) referring to the boundary marking address based on an instruction by the electronic device; and

an authentication area access control unit (325) which controls accesses to the authentication area (332) referring to the boundary marking address based on an instruction by the electronic device, wherein

the authentication unit (321) performs the authentication process prior to the control of accesses to the authentication area (332) by the authentication area access control unit (325), and
the authentication area access control unit (325) does not control accesses to the authentication area (332) if the authentication unit (321) does not authenticate the electronic device affirmatively in the authentication process.

2. A control method for use in a semiconductor memory card (109) that can be used/removed in/from an electronic device, the semiconductor memory card (109) including a rewritable nonvolatile memory (303), an address holding unit, and a control circuit,
the nonvolatile memory (303) including an authentication area (332) and a non-authentication area (331),
an address held by the address holding unit marking a boundary between the authentication area (332) and the non-authentication area (331) in the nonvolatile memory (303),
the control method comprising:

an authentication step which performs an authentication process to check whether the electronic device has authority to access the semiconductor memory card (109), and affirmatively authenticates the electronic device when the electronic device has authority to access the semiconductor memory card (109);

an area resizing step which resizes the authentication area (332) and the non-authentication area (331) by changing the boundary marking address based on a dedicated command issued from the electronic device if the authentication unit (321) affirmatively authenticates the electronic device;

a non-authentication area access control step which controls accesses to the non-authentication area (331) referring to the boundary marking address based on an instruction by the electronic device; and

an authentication area access control step which controls accesses to the authentication area (332) referring to the boundary marking address based on an instruction by the electronic device, wherein

the authentication step performs the authentication process prior to the controlling of accesses to the authentication area (332) by the authentication area access control step, and

the authentication area access control step does not control accesses to the authentication area (332) if the authentication step does not authenticate the electronic device affirmatively in the authenticating process.
FIG. 18A